Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

42faa54ab4...6f.exe

windows7-x64

10

42faa54ab4...6f.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    42faa54ab4183e9497c243e7543ac16f

  • Size

    371KB

  • Sample

    240105-g6de5sfeh9

  • MD5

    42faa54ab4183e9497c243e7543ac16f

  • SHA1

    89ac1eb6b7cf5e3c71966f9891b97e21a078f101

  • SHA256

    a024f189799cced8d2b2b164f4cc73b0eb9e12784bc977f182175bb61c17a171

  • SHA512

    8c4befdff6d72f78ef3fd0eaac34f9933bebd276f0d05863b301bc8199461ff6d7cd2ecf6eba7e1d4f1b1023613f164104c072effada5ced4a00138dbee481da

  • SSDEEP

    6144:lTuY1NjS3LlNGyYePTDtVjSIbU2oCs8jvHtM/fifUfglQkg74PSn04ThflRHf2VF:lTVS3LloEPTDtYsZ3jPMiMga9OS04TrS

Score
10/10
zgratpersistencerat

Malware Config

Targets

    • Target

      42faa54ab4183e9497c243e7543ac16f

    • Size

      371KB

    • MD5

      42faa54ab4183e9497c243e7543ac16f

    • SHA1

      89ac1eb6b7cf5e3c71966f9891b97e21a078f101

    • SHA256

      a024f189799cced8d2b2b164f4cc73b0eb9e12784bc977f182175bb61c17a171

    • SHA512

      8c4befdff6d72f78ef3fd0eaac34f9933bebd276f0d05863b301bc8199461ff6d7cd2ecf6eba7e1d4f1b1023613f164104c072effada5ced4a00138dbee481da

    • SSDEEP

      6144:lTuY1NjS3LlNGyYePTDtVjSIbU2oCs8jvHtM/fifUfglQkg74PSn04ThflRHf2VF:lTVS3LloEPTDtYsZ3jPMiMga9OS04TrS

    Score
    10/10
    zgratpersistencerat

    • Detect ZGRat V1

    • Modifies WinLogon for persistence

      persistence

    • ZGRat

      ZGRat is remote access trojan written in C#.

      ratzgrat

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks